The Need for Anti-Fraud Partnerships: GBSDTech and the RAG Wangiri Blockchain

Industry adoption of the RAG Wangiri Blockchain has gathered pace since the Risk & Assurance Group (RAG) and Orillion Solutions first prototyped the anti-fraud data exchange during June. Partly this is due to a string of national warnings about subscribers receiving ‘one and cut’ missed calls that dupe them into phoning back. A large group of telcos and vendors are currently awaiting the release of a major upgrade to the blockchain, which will include an API to make sharing intelligence even easier. But what motivates the early adopters that have been using the wangiri blockchain since the original pilot? I spoke with Jeffrey Ross (pictured), the Chief Operating Officer of GBSD Technologies, about the reasons his company was amongst the first to join the anti-wangiri consortium. Jeffrey is always an entertaining fellow with plenty of good-natured opinions to share. As well as being a shrewd businessman and former banker, Jeffrey is also a proud Texan, an ex-marine and an organizer of an annual charity rodeo. I was keen to hear why Jeffrey made joining the wangiri blockchain a priority for GBSDTech.

Eric: How does fighting wangiri fraud relate to the business interests of GBSDTech?

Jeffrey: Since the beginning of GBSDTech our company has assisted in helping fight crime whether through location based services and lawful intercept, or through our latest fraud blocking platform, FINIS. Fighting wangiri fraud is simply another way we are able to apply our existing solutions towards combating a different type of crime. It’s a natural transition for us to help with wangiri fraud.

Eric: Some will think that uploading data to the RAG Wangiri Blockchain sounds like a lot of work for little reward.  What does GBSDTech gain by being involved in this initiative?

Jeffrey: All great things take a lot of work. The way I see it, helping out with the RAG Wangiri Blockchain falls under our mission statement of being a leader in the telecom industry by being committed to helping our customers, building enduring relationships, and helping the communities in which we serve. We believe it is best to lead by example, and what better way than to align ourselves with an organization that has similar beliefs and ethics.

Eric: The benefits of knowledge sharing exercises increase along with the number of members in the consortium.  That is why it can be difficult to get initiatives like these started.  What made you believe this initiative would be successful, leading you to join from the very beginning?

Jeffrey: The best way to combat not only wangiri, but all types of fraud, is if we share our knowledge of what works and what doesn’t work. We saw the consortium as a way to do our part in the fight against telecom fraud. Our solutions utilize multiple policy rules at various layers in the network, which can include location based services, signaling checks, and blocking fraud in real-time within milliseconds. With this information we have the ability to contribute attested data back to the blockchain consortium.

Eric: Is wangiri noticeably worse than it was a few years ago?  What do your customers think about the damage being done by wangiri fraudsters?

Jeffrey: Wangiri is noticeably worse than it was years ago. Everyone should consider how often they personally receive a one ring/hang up call now versus just a few years ago. In fact, I received one as I was doing this interview!! As a society we have just become more accustomed to receiving wangiri, robocalls, spam calls, etc. It’s like boiling a frog. You put a frog in boiling water it notices immediately and jumps out. You put a frog in room temperature water and slowly turn the heat up, it is boiling without even realizing it… before long it’s too late.

Our customers, the CSP’s/MNO’s, are just as frustrated as consumers are. The damage done is financially driven, but also from a customer perspective (company’s public reputation). Customers are weary of receiving the calls and move to a different telco company, not knowing that they will most likely have the same problem elsewhere. Lost customers = lost minutes = declining revenues. Word of mouth from a telco customer (as in any industry) can help or hurt an organization tremendously.

Eric: What do you think about the potential of blockchain to share information relating to other kinds of telecoms frauds?

Jeffrey: The idea has massive potential across the industry to help fighting fraud. It will be based on the quality of information being shared, and verification will play a key role in the various types of fraud. As previously stated, GBSDTech is providing the verification treatment and can contribute those verified fraudulent numbers back to the blockchain. The RAG blockchain is beginning with wangiri; however, we see the potential of fraudulent number data sharing applied to all types of telecom fraud.

Eric: Wangiri can be considered a kind of nuisance call, in that the end recipients do not want to receive calls of this type, and it is also a kind of robocall because wangiri calls are made by machines.  The USA and Canada are currently adopting STIR/SHAKEN, a protocol designed to reduce nuisance robocalls by validating the originating number of calls by attaching digital signatures to them.  What do you think of STIR/SHAKEN and the impact it will have on nuisance robocalls generally?

Jeffrey: STIR/SHAKEN is a great initiative that is long overdue. There is no question the telecom industry globally will be watching to see the successes and failures. We understand that it will take time to implement this across all CSP’s/MNO’s globally. This means that there will still be a need in the future for CVT (call validation treatment) and information sharing on fraudulent activity. STIR/SHAKEN is not the silver bullet answer, but it will have an enormous impact on robocalls. This will force fraudsters into utilizing different methods which they will have to implement to continue to operate.

Eric: Would STIR/SHAKEN also reduce the number of wangiri calls?

Jeffrey: It won’t reduce the number of wangiri calls made; however, it will reduce the number of wangiri calls being connected. There are levels of attestation in STIR/SHAKEN, and these must be implemented and verified to allow the calls to be connected.

Wangiri calls can still get past the attestation levels based on the verification and CVT not looking for certain information elements in the call setup messaging; however, there will be information attached to the call allowing the subscriber to make an informed decision on whether to answer or not.

Eric: One problem with robocalls used for fraud and spam is that you can legislate and punish offenders on a national level but the calls may originate abroad.  STIR/SHAKEN works only if the protocol is adopted end-to-end, and that means it can only work if the entire call is carried across IP networks.  Do you anticipate other countries will follow the lead of North America in adopting STIR/SHAKEN?  If so, how soon?

Jeffrey: Eric, you hit the nail on the head. Legislation is the driving force in North America forcing action to occur, and this is due to over 200,000 complaints per year being filed with the FCC about “unwanted calls”. STIR/SHAKEN is a great initiative for within North America; however, how many legitimate calls come into North America from other countries daily? These legitimate calls won’t have “certificates” or “keys”, and the only way for this to occur is if the industry adopts a similar initiative.

We anticipate that STIR/SHAKEN, or the same concept, will be adopted in other countries sooner than expected. It might just be called or “labeled” as something else by another country. In fact, GBSDTech is already providing CVT (call validation treatment) in other countries, that is based on the STIR/SHAKEN framework.

Eric: A major challenge in dealing with fraud can be determining the actual source.  Will STIR/SHAKEN help to eliminate that problem?  Is it hence relevant to reducing many kinds of frauds, and not just frauds where the end recipient is being fooled into accepting a call from a confidence trickster?

Jeffrey: STIR/SHAKEN will require fraudsters to obtain a certificate to attach to their calls. These certificates will be provided by the certificate authority; therefore, they will have to be registered to be assigned their certificate. But we all know that fraudsters are like toddlers, and no matter how many hurdles we put in front of them, they will find a way to get their hand in the cookie jar.

GBSDTech has developed the technology to eliminate fraud and locate it at the actual source, but it is a continual moving target. If one “type” of fraud is eliminated, a different type of fraud (new or old) increases. So, in effect, vendors and CSP’s/MNO’s need to constantly focus on eliminating all types of fraud.

Eric: We both share the same frustration – some kinds of fraud have persisted for a long time because it is so difficult to coordinate and drive necessary change across the industry.  What are the key anti-fraud developments you would like to see the industry adopt globally, and with some urgency?

Jeffrey: If there is any chance at putting fraudsters out of business we must work together as an industry on a global scale. This is exactly why GBSDTech has taken the stance of partnering with other vendors rather than competing against them. Everyone continually says there is no silver bullet for fraud, but we pose the question… why not? Here in Texas everyone would tell you there is no perfect truck, but if you were to take the best parts of a Ford, Dodge, and Chevrolet, and combine them, you might have the perfect truck (silver bullet). Working together, vendors and CSP’s/MNO’s, like with the RAG Wangiri Blockchain and its consortium, is the direction we should be focusing upon.

Jeffrey Ross is the COO of GBSD Technologies, a member of the RAG Wangiri Blockchain Consortium.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.